by customkitchen 1372 days ago
>the right to examine products and discuss what you learn is really really important and is the basis of security research

I hate to push back on you (of all people) for this, but no it's actually not. You are talking too much with your hacker hat on and not enough with your legal hat on. There is quite a difference between accredited security firms doing responsible security research, and random unaffiliated parties with shifting and conflicting motivations doing "security research". That angle is a losing angle and it's not because these companies did anything, it's because it is actually a fallacious and bad meme that has propagated around forever in hacker circles, seemingly for no other reason than that it is fun to think about it.

In my opinion, if you follow that "right" to its legal and technical conclusion, you will end up with the "right" of corporate security firms to do research. That's it. I don't mean to be all doom and gloom though. You are right that the idea of "right to repair" is a much broader thing that makes a much more compelling case for any kind of consumer protection angle.

1 comments

I'm not sure what you are arguing :(... is your premise that it is sufficient for only "accredited" (is that even a thing? I didn't know that was a thing) security research firms that are, I guess, hired by the company that is selling the product for the world to be safe? As that definitely doesn't seem to be true in practice, and puts a LOT of power in some extremely biased hands :(. It also doesn't, from my understanding, match the intention of the laws either... the weakest part of the Green case (which is what was referenced and which is almost annoyingly-narrowly about security research being published in book form, and so sidesteps any confusion we might be having here with respect to my personal agendas that involve "jailbreaking")--as far as I can tell, as a non-lawyer who spends way too much time talking to the lawyers--is that the DOJ actually came out during the hearing to say they don't see anything wrong with the activity in the first place ;P. I'm thereby really confused that you seem to think this is somehow, I guess, illegal currently? Cause like, AFAIK, it isn't: the issue at hand is whether there is a chilling effect being caused by Section 1201's anti-trafficking provisions on someone's first amendment right to explain not only that something is insecure but in exactly what way it is insecure (as I, for example, often do in my post-mortems: see my articles on Optimism or Master Key, etc.) when those exploits happen to affect an "effective" (lol: I hate that wording) technological measure protecting someone's copyright, as, in the US, we tend to be pretty adamant about reserving the right to publish information.